Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
5-50
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 5 Configuring the Gateway to Receive Email
Sender Verification and Logging
The following log entries provide an example of Sender Verification verdicts.
Envelope Sender Verification
Malformed Envelope Senders:
Domain does not exist (NXDOMAIN):
Domain does not resolve (SERVFAIL):
Enabling Host DNS Verification via the CLI
To enable host DNS verification in the CLI, use the
listenerconfig->edit->hostaccess
command (see
the Cisco IronPort AsyncOS CLI Reference Guide for more information).
shows the types of unverified senders and the corresponding CLI setting:
Accepting Email for Local Domains or Specific Users on Public
Listeners (RAT)
Listeners (RAT)
When you create a public listener, you define all local domains that the appliance will accept messages
for using the Recipient Access Table (RAT). Many enterprise gateways are configured to receive
messages for several local domains. For example, suppose your company changed its name. You would
need to receive email messages for recipients addressed to
for using the Recipient Access Table (RAT). Many enterprise gateways are configured to receive
messages for several local domains. For example, suppose your company changed its name. You would
need to receive email messages for recipients addressed to
currentcompanyname.com
and
oldcompanyname.com
. In this case, both local domains would be included in the RAT for your public
Thu Aug 10 10:14:10 2006 Info: ICID 3248 Address: <user> sender rejected, envelope
sender domain missing
Wed Aug 9 15:39:47 2006 Info: ICID 1424 Address: <user@domain.com> sender rejected,
envelope sender domain does not exist
Wed Aug 9 15:44:27 2006 Info: ICID 1425 Address: <user@domain.com> sender rejected,
envelope sender domain could not be resolved
Table 5-16
Sender Group Settings and Corresponding CLI Values
Connecting Host DNS Verification
Equivalent CLI Setting
Connecting host PTR record does not exist in the DNS.
nx.domain
Connecting host PTR record lookup fails due to temporary DNS
failure.
failure.
serv.fail
Connecting host reverse DNS lookup (PTR) does not match the
forward DNS lookup (A)
forward DNS lookup (A)
not.double.verified